
ASA ACLs

Many similarities exist between ASA access control lists (ACLs) and IOS ACLs. For example, both

• Are made up of access control entries (ACEs)

• Are processed sequentially from top down

• Have an implicit deny any at the end

• Follow the rule of only one ACL per interface, per protocol, per direction

ASA ACLs differ from IOS ACLs as follows:

• ASA ACLs use a network mask (for example, 255.255.255.0) rather than a wildcard mask (for example, 0.0.0.255).

• ASA ACLs are named rather than numbered. There are no numbered standard and extended ACLs, although you could name one with a number.

• By default, interface security levels apply access control without an ACL configured.


Note

Traffic from a more-secure interface (such as security level 100) is allowed to access less-secure interfaces (such as level 0). Traffic from a less-secure interface is blocked from accessing more-secure interfaces and requires an ACL to permit traffic to a higher security level.
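The rules above can be checked with a small model. This is an added example, not code from the book: the interface names, security levels, addresses and ACEs are constructed, and it assumes an ACL applied inbound on an interface takes over from the security-level default for traffic entering that interface.

```python
import ipaddress

# Constructed sample data: interface security levels (higher = more secure).
LEVELS = {"inside": 100, "dmz": 50, "outside": 0}

# One ACL per interface (inbound). Each ACE is
# (action, src network, src netmask, dst network, dst netmask),
# written ASA-style with network masks rather than wildcard masks.
ACLS = {
    "outside": [
        ("deny",   "203.0.113.0", "255.255.255.0", "192.168.10.5", "255.255.255.255"),
        ("permit", "0.0.0.0",     "0.0.0.0",       "192.168.10.5", "255.255.255.255"),
    ],
}

def matches(addr, network, netmask):
    """True if addr falls inside network when compared under a network mask."""
    a, n, m = (int(ipaddress.IPv4Address(x)) for x in (addr, network, netmask))
    return (a & m) == (n & m)

def evaluate(src_if, dst_if, src_ip, dst_ip):
    """Return 'permit' or 'deny' for a packet entering src_if bound for dst_if."""
    acl = ACLS.get(src_if)
    if acl is None:
        # No ACL configured: security levels alone decide.
        # More-secure to less-secure is allowed; anything else is blocked.
        # (Equal levels are not covered by the text; this model denies them.)
        return "permit" if LEVELS[src_if] > LEVELS[dst_if] else "deny"
    # ACEs are processed sequentially from the top down; the first match wins.
    for action, snet, smask, dnet, dmask in acl:
        if matches(src_ip, snet, smask) and matches(dst_ip, dnet, dmask):
            return action
    # Nothing matched: the implicit "deny any" at the end of every ACL applies.
    return "deny"

if __name__ == "__main__":
    tests = [
        ("inside", "outside", "192.168.10.20", "198.51.100.7"),  # level 100 -> 0
        ("dmz", "inside", "172.16.0.5", "192.168.10.5"),         # level 50 -> 100
        ("outside", "inside", "203.0.113.9", "192.168.10.5"),    # hits first ACE
        ("outside", "inside", "198.51.100.7", "192.168.10.5"),   # hits second ACE
        ("outside", "inside", "198.51.100.7", "192.168.10.6"),   # implicit deny
    ]
    for t in tests:
        print(t, "->", evaluate(*t))
```

The third case shows why ACE order matters: the broader permit on the second line would match the same packet, but the deny above it is reached first.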


  
